F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Configuration Guide-6PW100
261
Item Descri
p
tion
Portal Accounting
Name
Configure the accounting method for portal users.
Options include:
• Local—Local accounting.
• None—No accounting.
• RADIUS—RADIUS accounting. You must specify the RADIUS scheme to be used.
• Not Set—The device uses the settings in the Default Accounting area for portal
users.
247BAuthentication/authorization for Telnet/SSH users by a
RADIUS server
The configuration of RADIUS authentication and authorization for SSH users is similar to that for Telnet
users. This example describes the configuration for Telnet users.
483BNetwork requirements
As shown in 787HFigure 162, configure the firewall to use the RADIUS server for Telnet user authentication and
authorization and add an account with the username hello@bbb on the RADIUS server, so the Telnet
user can log in to the firewall and is authorized with the privilege level 3 after login.
Set the shared key for secure RADIUS communication to expert, and set the ports for
authentication/authorization and accounting to 1812 and 1813, respectively. Configure the firewall to
include the domain name in the username sent to the RADIUS server.
Figure 162 Network diagram
484BConfiguring the RADIUS server
For more information about RADIUS server configuration, see the configuration manual provided with the
RADIUS server.
485BConfiguring the firewall
1. Configure the IP address and security zone of each interface. (Details not shown.)
2. Configure a RADIUS scheme:
a. Select User > RADIUS from the navigation tree.
b. Click Add.